CVE-2026-43418

In the Linux kernel, the following vulnerability has been resolved: sched/mmcid: Prevent CID stalls due to concurrent forks A newly forked task is accounted as MMCID user before the task is visible in the process' thread list and the global task list. This creates the following problem: CPU1 CPU2...

CVE-2026-43410 firmware: stratix10-rsu: Fix NULL pointer dereference when RSU is disabled

In the Linux kernel, the following vulnerability has been resolved: firmware: stratix10-rsu: Fix NULL pointer dereference when RSU is disabled When the Remote System Update RSU isn't enabled in the First Stage Boot Loader FSBL, the driver encounters a NULL pointer dereference when excute...

CVE-2026-43392

Summary (CVE-2026-43392) : In the Linux kernel, the sched_ext vulnerability causes a potential DoS by starving the enable path in scx_enable() when fair-class workloads saturate the system. The root cause is a switch of the calling thread’s sched_class from fair to ext during the READY→ENABLED lo...

CVE-2026-43358

CVE-2026-43358 affects the Linux kernel's btrfs filesystem. The vulnerability is a missing RCU unlock in the error path of try_release_subpage_extent_buffer(), where rcu_read_lock() should be held before exiting the loop because an rcu_read_unlock() occurs past the loop. The issue was identified ...

SUSE CVE-2026-43148

In the Linux kernel, the following vulnerability has been resolved: powerpc/smp: Add check for kcalloc failure in parsethreadgroups As kcalloc may fail, check its return value to avoid a NULL pointer dereference when passing it to ofpropertyreadu32array...

PT-2026-38935

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A race condition exists in the wave5 driver when operating in polling mode. The driver uses an hrtimer to periodically trigger the wave5 vpu timer callback function, which queues work vi...

FastGPT 资源管理错误漏洞

FastGPT is an open-source knowledge base question-answering system based on large language models developed by Labring. Versions of FastGPT 4.14.13 and earlier contain a resource management vulnerability. This vulnerability stems from insufficient resource isolation in the code-sandbox component,...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the use of the usbtmc driver to call usbbulkmsg with a timeout value specified by the user. This...

Authorization Bypass Through User-Controlled Key

Overview aegra-api is an Aegra core API - Self-hosted Agent Protocol server Affected versions of this package are vulnerable to Authorization Bypass Through User-Controlled Key in the POST /threads/threadid/runs, POST /threads/threadid/runs/stream, and POST /threads/threadid/runs/wait endpoints...

Aegra has cross-user run injection in /threads/{thread_id}/runs (IDOR)

Impact Aegra deployments running 0.9.0 through 0.9.6 with multiple authenticated users on a shared instance are vulnerable to a cross-tenant IDOR. Any authenticated user User A, given another user's threadid User B, can: - Execute graph runs against User B's thread via POST /threads/threadid/runs...

GHSA-M98R-6667-4WQ7 Aegra has cross-user run injection in /threads/{thread_id}/runs (IDOR)

Impact Aegra deployments running 0.9.0 through 0.9.6 with multiple authenticated users on a shared instance are vulnerable to a cross-tenant IDOR. Any authenticated user User A, given another user's threadid User B, can: - Execute graph runs against User B's thread via POST /threads/threadid/runs...

PT-2026-38409

Name of the Vulnerable Software and Affected Versions Aegra versions 0.9.0 through 0.9.6 Description Shared instances with multiple authenticated users are susceptible to a cross-tenant Insecure Direct Object Reference IDOR. An authenticated attacker who obtains another user's thread id can execu...

Linux Distros Unpatched Vulnerability : CVE-2026-43148

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - powerpc/smp: Add check for kcalloc failure in parsethreadgroups As kcalloc may fail, check its return value to avoid a NULL pointer dereference when passing it ...

GHSA-PGGP-6C3X-2XMX Snappier has an infinite loop during SnappyStream decompression with malformed framed input

Summary Snappier.SnappyStream enters an uncatchable infinite loop when decompressing a malformed framed-format Snappy stream as small as 15 bytes. Details The hang manifests as a userspace busy loop with SnappyStreamDecompressor.Decompress repeatedly calling Crc32CAlgorithm.Append. The exact...

Snappier has an infinite loop during SnappyStream decompression with malformed framed input

Summary Snappier.SnappyStream enters an uncatchable infinite loop when decompressing a malformed framed-format Snappy stream as small as 15 bytes. Details The hang manifests as a userspace busy loop with SnappyStreamDecompressor.Decompress repeatedly calling Crc32CAlgorithm.Append. The exact...

kernel: scsi: mpi3mr: Synchronous access b/w reset and tm thread for reply queue

In the Linux kernel, the following vulnerability has been resolved: scsi: mpi3mr: Synchronous access b/w reset and tm thread for reply queue When the task management thread processes reply queues while the reset thread resets them, the task management thread accesses an invalid queue ID 0xFFFF, s...

CVE-2026-5081

Apache::Session::Generate::ModUniqueId versions from 1.54 through 1.94 for Perl session ids are insecure. Apache::Session::Generate::ModUniqueId added in version 1.54 uses the value of the UNIQUEID environment variable for the session id. The UNIQUEID variable is set by the Apache moduniqueid...

EUVD-2026-27666

In the Linux kernel, the following vulnerability has been resolved: md-cluster: fix NULL pointer dereference in processmetadataupdate The function processmetadataupdate blindly dereferences the 'thread' pointer acquired via rcudereferenceprotected within the waitevent macro. While the code commen...

EUVD-2026-27808

In the Linux kernel, the following vulnerability has been resolved: 9p/xen: protect xen9pfsfrontfree against concurrent calls The xenwatch thread can race with other back-end change notifications and call xen9pfsfrontfree twice, hitting the observed general protection fault due to a double-free...

EUVD-2026-27711

In the Linux kernel, the following vulnerability has been resolved: powerpc/smp: Add check for kcalloc failure in parsethreadgroups As kcalloc may fail, check its return value to avoid a NULL pointer dereference when passing it to ofpropertyreadu32array...